clam wrapper

Jerry Benton jerry.benton at mailborder.com
Sat Jan 30 00:52:43 UTC 2016 

Well, this is the logic I am going to implement for the new clamav wrapper:

- Get incoming work directory, user, group from MailScanner.conf
- Check if work directory exists. If not, use /tmp
- If work directory exists and is a ramdisk, use $ramdisk/clamav-tmp/tmp-name
- If not a ramdisk, use /tmp
- Clean up after use.

I will use mktemp for /tmp usage and a random 32 character directory for ramdisk. Both will check if the directory exists first.



-
Jerry Benton
www.mailborder.com



> On Jan 29, 2016, at 6:58 PM, Mark Sapiro <mark at msapiro.net> wrote:
> 
> On 01/29/2016 01:26 PM, Jerry Benton wrote:
>> This is how the is setup:
>> 
>> TempDir=$(mktemp)
>> 
>> That makes a tmp file ….
> 
> 
> 
> This is a somewhat can of worms, but clamav-wrapper and also
> bitdefender-wrapper and kaspersky-wrapper and a couple of other things
> used to leave tempfiles behind under some circumstances.
> 
> Before the next, we have
> 
> if [ "x$1" = "x-IsItInstalled" ]; then
>  rm -f ${TempDir}
>  [ -x $ClamScan ] && exit 0
>  exit 1
> fi
> 
> which is code to test if clamav is installed and remove the TempDir
> before exiting.
> 
>> Then …
>> 
>> # Check if the tmpdir exists, if so delete so we start with a clean slate
>> if [ -x "${TempDir}" ]; then
>> rm -rf ${TempDir} >/dev/null 2>&1
>> fi
>> 
>> 
>> … What the fuck?
> 
> 
> Probably left over from when TempDir wasn't a mktemp
> 
>> 
>> # Make the Temp dir
>> umask 0077
>> mkdir "${TempDir}" >/dev/null 2>&1
>> 
>> 
>> … uhhhh … now we are doing it twice
> 
> 
> I agree this all seems a bit over the top. But, the module wants to exit
> immediately if it can't make TempDir.
> 
> I think we could drop the
> 
> # Check if the tmpdir exists, if so delete so we start with a clean slate
> 
> code since we know we just made it with mktemp and also drop the
> 
> # Make the Temp dir
> 
> since we already made it.
> 
> 
> 
>> then …
>> 
>> 
>> if [ $? ]; then 
>>  ExtraScanOptions="$ExtraScanOptions --tempdir=${TempDir}"
>>  # If we are root chown it to the clamav user/group
>>  if [ `whoami` = "root" ]; then
>>    chown ${ClamUser}:${ClamGroup} "${TempDir}"
>>  fi
>> fi
>> 
>> 
>> … why? the process that creates the /tmp/blah already owns /tmp/blah
> 
> 
> Right, but that's MailScanner and we need to change the group (if we
> can) so clamav can read it.
> 
> 
> -- 
> Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan
> 
> 
> -- 
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/listinfo/mailscanner
>

More information about the MailScanner mailing list